[asterisk-users] RTP / NAT question ( pjsip )

Kevin Long kevin.long at haloprivacy.com
Wed Mar 2 19:47:00 CST 2016 

Hi Joshua,



Looking at the transmitted SIP packets from Asterisk,  it looks like Asterisk is only sending it’s own internal IP (it is behind a NAT too, with proper port forwarding) .

I did set in my transport the external_signaling_address and external_media_address  ,  and I have now put transport= into my endpoint configuration hoping they will “inherit” the correct public IP for the media .

But Asterisk is still sending RTP to the wrong IP .  


I am trying to test a “real world” scenario of public IP and NAT traversal,  but I do have split tunnel VPN in my environment so the endpoint and the asterisk server *could* reach each other by the private IP ,but I am actually trying to avoid this with a proper configuration since my real users will not be on any  VPN, mostly. 







;===============TRANSPORT
 




[transport-tls]
type=transport
protocol=tls
bind=0.0.0.0:5061
local_net=10.50.55.0/24
external_media_address=66.114.139.174
external_signaling_address=66.114.139.174
cert_file=/etc/asterisk/keys/dev1.crt
priv_key_file=/etc/asterisk/keys/dev1.key
ca_list_file=/etc/asterisk/keys/ca.crt
cipher=AES256-SHA
method=tlsv1
 
;===============EXTENSION 6001
 
[6000]
type=endpoint
context=internal
disallow=all
allow=ulaw
transport=transport-tls
auth=auth6000
aors=6000
direct_media=no
rewrite_contact=yes  ; necessary if endpoint does not know/register public ip:port
ice_support=no
force_rport=yes
rtp_symmetric=yes
media_encryption=sdes


[auth6000]
type=auth
auth_type=userpass
password=6000
username=6000
 
[6000]
type=aor
qualify_frequency=30
max_contacts=1
remove_existing=yes


;===============EXTENSION 6001

[6001]
type=endpoint
context=internal
disallow=all   
allow=ulaw
transport=transport-tls
auth=auth6001
aors=6001
direct_media=no
rewrite_contact=yes  ; necessary if endpoint does not know/register public ip:port
ice_support=no
force_rport=yes
rtp_symmetric=yes
media_encryption=sdes



[auth6001]
type=auth
auth_type=userpass
password=6001
username=6001

[6001]
type=aor
qualify_frequency=30
max_contacts=1
remove_existing=yes








-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3587 bytes
Desc: not available
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20160303/29686a06/attachment.bin>

More information about the asterisk-users mailing list